From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.4 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 90B45C47096 for ; Thu, 3 Jun 2021 19:32:36 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 68D48613F6 for ; Thu, 3 Jun 2021 19:32:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229820AbhFCTeU (ORCPT ); Thu, 3 Jun 2021 15:34:20 -0400 Received: from mail.kernel.org ([198.145.29.99]:34094 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229656AbhFCTeT (ORCPT ); Thu, 3 Jun 2021 15:34:19 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 6C0FD611CC; Thu, 3 Jun 2021 19:32:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1622748754; bh=rvC32MA8E3QrSBWjTg6LF33SlYkWLco0I2yCu23n7Ok=; h=In-Reply-To:References:Date:From:To:Cc:Subject:From; b=jhQeYpzgE6vlWf6TMVMtA+XVEhF3g/+sc+mtqLnWt9Jxq6VW05vCdwGdpHLzufuYS UwGtMjrFLjvxTtrXwJuljVurczSzpAyvwhISyhtF9mlHrjE5HfQoaQl5Edk52qoEvO fIAR9d5gHQbaop5gruCM9Lb2jdZgO0Vki7OQd9lPddn94/3XqQQhfbFgTNLMzDuhWZ qfQDXIjh/bpK09jMqCFV81DG209YazmpQjI81ykvp5KDwDs8VWUNxwQkPY0OgkctQR pcqnAZK3Wrh9q7duTaMgSjY9Ojm0reQwUN8R3uZYRnguJ2XWcuU7B5qmCg7FnR504O BMQUYhKYK2fxg== Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailauth.nyi.internal (Postfix) with ESMTP id 6FF6127C005B; Thu, 3 Jun 2021 15:32:32 -0400 (EDT) Received: from imap21 ([10.202.2.71]) by compute2.internal (MEProxy); Thu, 03 Jun 2021 15:32:32 -0400 X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledrvdelledgudefiecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpefofgggkfgjfhffhffvufgtgfesthhqredtreerjeenucfhrhhomhepfdet nhguhicunfhuthhomhhirhhskhhifdcuoehluhhtoheskhgvrhhnvghlrdhorhhgqeenuc ggtffrrghtthgvrhhnpedvleehjeejvefhuddtgeegffdtjedtffegveethedvgfejieev ieeufeevuedvteenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfh hrohhmpegrnhguhidomhgvshhmthhprghuthhhphgvrhhsohhnrghlihhthidqudduiedu keehieefvddqvdeifeduieeitdekqdhluhhtoheppehkvghrnhgvlhdrohhrgheslhhinh hugidrlhhuthhordhush X-ME-Proxy: Received: by mailuser.nyi.internal (Postfix, from userid 501) id 66F9C51C0060; Thu, 3 Jun 2021 15:32:30 -0400 (EDT) X-Mailer: MessagingEngine.com Webmail Interface User-Agent: Cyrus-JMAP/3.5.0-alpha0-519-g27a961944e-fm-20210531.001-g27a96194 Mime-Version: 1.0 Message-Id: <2b2dec75-a0c1-4013-ac49-a49f30d5ac3c@www.fastmail.com> In-Reply-To: References: <20210603004133.4079390-1-ak@linux.intel.com> <20210603004133.4079390-2-ak@linux.intel.com> Date: Thu, 03 Jun 2021 12:31:59 -0700 From: "Andy Lutomirski" To: "Andi Kleen" , mst@redhat.com Cc: jasowang@redhat.com, virtualization@lists.linux-foundation.org, hch@lst.de, m.szyprowski@samsung.com, robin.murphy@arm.com, iommu@lists.linux-foundation.org, "the arch/x86 maintainers" , sathyanarayanan.kuppuswamy@linux.intel.com, "Josh Poimboeuf" , "Linux Kernel Mailing List" Subject: Re: [PATCH v1 1/8] virtio: Force only split mode with protected guest Content-Type: text/plain;charset=utf-8 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Jun 3, 2021, at 11:00 AM, Andi Kleen wrote: >=20 > On 6/3/2021 10:33 AM, Andy Lutomirski wrote: > > On 6/2/21 5:41 PM, Andi Kleen wrote: > >> Only allow split mode when in a protected guest. Followon > >> patches harden the split mode code paths, and we don't want > >> an malicious host to force anything else. Also disallow > >> indirect mode for similar reasons. > > I read this as "the virtio driver is buggy. Let's disable most of t= he > > buggy code in one special case in which we need a driver without bug= s. > > In all the other cases (e.g. hardware virtio device connected over > > USB-C), driver bugs are still allowed." >=20 > My understanding is most of the other modes (except for split with=20 > separate descriptors) are obsolete and just there for compatibility. A= s=20 > long as they're deprecated they won't harm anyone. >=20 > Tell that to every crypto downgrade attack ever. I see two credible solutions: 1. Actually harden the virtio driver. 2. Have a new virtio-modern driver and use it for modern use cases. Mayb= e rename the old driver virtio-legacy or virtio-insecure. They can shar= e code. Another snag you may hit: virtio=E2=80=99s heuristic for whether to use = proper DMA ops or to bypass them is a giant kludge. I=E2=80=99m very sli= ghtly optimistic that getting the heuristic wrong will make the driver f= ail to operate but won=E2=80=99t allow the host to take over the guest, = but I=E2=80=99m not really convinced. And I wrote that code! A virtio-m= odern mode probably should not have a heuristic, and the various iommu-b= ypassing modes should be fixed to work at the bus level, not the device = level. From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.8 required=3.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2685EC47082 for ; Thu, 3 Jun 2021 19:32:38 +0000 (UTC) Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id CE989613F4 for ; Thu, 3 Jun 2021 19:32:37 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org CE989613F4 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=iommu-bounces@lists.linux-foundation.org Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 925F140136; Thu, 3 Jun 2021 19:32:37 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DTS30jsy84tv; Thu, 3 Jun 2021 19:32:36 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp2.osuosl.org (Postfix) with ESMTP id 6B80640111; Thu, 3 Jun 2021 19:32:36 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 04E0EC000E; Thu, 3 Jun 2021 19:32:36 +0000 (UTC) Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by lists.linuxfoundation.org (Postfix) with ESMTP id 9005DC0001; Thu, 3 Jun 2021 19:32:35 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id 7BE1660B6F; Thu, 3 Jun 2021 19:32:35 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Authentication-Results: smtp3.osuosl.org (amavisd-new); dkim=pass (2048-bit key) header.d=kernel.org Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id u3XTlXSxIrCF; Thu, 3 Jun 2021 19:32:34 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp3.osuosl.org (Postfix) with ESMTPS id DEB02606C6; Thu, 3 Jun 2021 19:32:34 +0000 (UTC) Received: by mail.kernel.org (Postfix) with ESMTPSA id 6C0FD611CC; Thu, 3 Jun 2021 19:32:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1622748754; bh=rvC32MA8E3QrSBWjTg6LF33SlYkWLco0I2yCu23n7Ok=; h=In-Reply-To:References:Date:From:To:Cc:Subject:From; b=jhQeYpzgE6vlWf6TMVMtA+XVEhF3g/+sc+mtqLnWt9Jxq6VW05vCdwGdpHLzufuYS UwGtMjrFLjvxTtrXwJuljVurczSzpAyvwhISyhtF9mlHrjE5HfQoaQl5Edk52qoEvO fIAR9d5gHQbaop5gruCM9Lb2jdZgO0Vki7OQd9lPddn94/3XqQQhfbFgTNLMzDuhWZ qfQDXIjh/bpK09jMqCFV81DG209YazmpQjI81ykvp5KDwDs8VWUNxwQkPY0OgkctQR pcqnAZK3Wrh9q7duTaMgSjY9Ojm0reQwUN8R3uZYRnguJ2XWcuU7B5qmCg7FnR504O BMQUYhKYK2fxg== Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailauth.nyi.internal (Postfix) with ESMTP id 6FF6127C005B; Thu, 3 Jun 2021 15:32:32 -0400 (EDT) Received: from imap21 ([10.202.2.71]) by compute2.internal (MEProxy); Thu, 03 Jun 2021 15:32:32 -0400 X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledrvdelledgudefiecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpefofgggkfgjfhffhffvufgtgfesthhqredtreerjeenucfhrhhomhepfdet nhguhicunfhuthhomhhirhhskhhifdcuoehluhhtoheskhgvrhhnvghlrdhorhhgqeenuc ggtffrrghtthgvrhhnpedvleehjeejvefhuddtgeegffdtjedtffegveethedvgfejieev ieeufeevuedvteenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfh hrohhmpegrnhguhidomhgvshhmthhprghuthhhphgvrhhsohhnrghlihhthidqudduiedu keehieefvddqvdeifeduieeitdekqdhluhhtoheppehkvghrnhgvlhdrohhrgheslhhinh hugidrlhhuthhordhush X-ME-Proxy: Received: by mailuser.nyi.internal (Postfix, from userid 501) id 66F9C51C0060; Thu, 3 Jun 2021 15:32:30 -0400 (EDT) X-Mailer: MessagingEngine.com Webmail Interface User-Agent: Cyrus-JMAP/3.5.0-alpha0-519-g27a961944e-fm-20210531.001-g27a96194 Mime-Version: 1.0 Message-Id: <2b2dec75-a0c1-4013-ac49-a49f30d5ac3c@www.fastmail.com> In-Reply-To: References: <20210603004133.4079390-1-ak@linux.intel.com> <20210603004133.4079390-2-ak@linux.intel.com> Date: Thu, 03 Jun 2021 12:31:59 -0700 From: "Andy Lutomirski" To: "Andi Kleen" , mst@redhat.com Subject: Re: [PATCH v1 1/8] virtio: Force only split mode with protected guest Cc: jasowang@redhat.com, the arch/x86 maintainers , Linux Kernel Mailing List , virtualization@lists.linux-foundation.org, iommu@lists.linux-foundation.org, Josh Poimboeuf , robin.murphy@arm.com, hch@lst.de X-BeenThere: iommu@lists.linux-foundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Development issues for Linux IOMMU support List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: iommu-bounces@lists.linux-foundation.org Sender: "iommu" CgpPbiBUaHUsIEp1biAzLCAyMDIxLCBhdCAxMTowMCBBTSwgQW5kaSBLbGVlbiB3cm90ZToKPiAK PiBPbiA2LzMvMjAyMSAxMDozMyBBTSwgQW5keSBMdXRvbWlyc2tpIHdyb3RlOgo+ID4gT24gNi8y LzIxIDU6NDEgUE0sIEFuZGkgS2xlZW4gd3JvdGU6Cj4gPj4gT25seSBhbGxvdyBzcGxpdCBtb2Rl IHdoZW4gaW4gYSBwcm90ZWN0ZWQgZ3Vlc3QuIEZvbGxvd29uCj4gPj4gcGF0Y2hlcyBoYXJkZW4g dGhlIHNwbGl0IG1vZGUgY29kZSBwYXRocywgYW5kIHdlIGRvbid0IHdhbnQKPiA+PiBhbiBtYWxp Y2lvdXMgaG9zdCB0byBmb3JjZSBhbnl0aGluZyBlbHNlLiBBbHNvIGRpc2FsbG93Cj4gPj4gaW5k aXJlY3QgbW9kZSBmb3Igc2ltaWxhciByZWFzb25zLgo+ID4gSSByZWFkIHRoaXMgYXMgInRoZSB2 aXJ0aW8gZHJpdmVyIGlzIGJ1Z2d5LiAgTGV0J3MgZGlzYWJsZSBtb3N0IG9mIHRoZQo+ID4gYnVn Z3kgY29kZSBpbiBvbmUgc3BlY2lhbCBjYXNlIGluIHdoaWNoIHdlIG5lZWQgYSBkcml2ZXIgd2l0 aG91dCBidWdzLgo+ID4gSW4gYWxsIHRoZSBvdGhlciBjYXNlcyAoZS5nLiBoYXJkd2FyZSB2aXJ0 aW8gZGV2aWNlIGNvbm5lY3RlZCBvdmVyCj4gPiBVU0ItQyksIGRyaXZlciBidWdzIGFyZSBzdGls bCBhbGxvd2VkLiIKPiAKPiBNeSB1bmRlcnN0YW5kaW5nIGlzIG1vc3Qgb2YgdGhlIG90aGVyIG1v ZGVzIChleGNlcHQgZm9yIHNwbGl0IHdpdGggCj4gc2VwYXJhdGUgZGVzY3JpcHRvcnMpIGFyZSBv YnNvbGV0ZSBhbmQganVzdCB0aGVyZSBmb3IgY29tcGF0aWJpbGl0eS4gQXMgCj4gbG9uZyBhcyB0 aGV5J3JlIGRlcHJlY2F0ZWQgdGhleSB3b24ndCBoYXJtIGFueW9uZS4KPiAKPgoKVGVsbCB0aGF0 IHRvIGV2ZXJ5IGNyeXB0byBkb3duZ3JhZGUgYXR0YWNrIGV2ZXIuCgpJIHNlZSB0d28gY3JlZGli bGUgc29sdXRpb25zOgoKMS4gQWN0dWFsbHkgaGFyZGVuIHRoZSB2aXJ0aW8gZHJpdmVyLgoKMi4g SGF2ZSBhIG5ldyB2aXJ0aW8tbW9kZXJuIGRyaXZlciBhbmQgdXNlIGl0IGZvciBtb2Rlcm4gdXNl IGNhc2VzLiBNYXliZSByZW5hbWUgdGhlIG9sZCBkcml2ZXIgdmlydGlvLWxlZ2FjeSBvciB2aXJ0 aW8taW5zZWN1cmUuICBUaGV5IGNhbiBzaGFyZSBjb2RlLgoKQW5vdGhlciBzbmFnIHlvdSBtYXkg aGl0OiB2aXJ0aW/igJlzIGhldXJpc3RpYyBmb3Igd2hldGhlciB0byB1c2UgcHJvcGVyIERNQSBv cHMgb3IgdG8gYnlwYXNzIHRoZW0gaXMgYSBnaWFudCBrbHVkZ2UuIEnigJltIHZlcnkgc2xpZ2h0 bHkgb3B0aW1pc3RpYyB0aGF0IGdldHRpbmcgdGhlIGhldXJpc3RpYyB3cm9uZyB3aWxsIG1ha2Ug dGhlIGRyaXZlciBmYWlsIHRvIG9wZXJhdGUgYnV0IHdvbuKAmXQgYWxsb3cgdGhlIGhvc3QgdG8g dGFrZSBvdmVyIHRoZSBndWVzdCwgYnV0IEnigJltIG5vdCByZWFsbHkgY29udmluY2VkLiBBbmQg SSB3cm90ZSB0aGF0IGNvZGUhICBBIHZpcnRpby1tb2Rlcm4gbW9kZSBwcm9iYWJseSBzaG91bGQg bm90IGhhdmUgYSBoZXVyaXN0aWMsIGFuZCB0aGUgdmFyaW91cyBpb21tdS1ieXBhc3NpbmcgbW9k ZXMgc2hvdWxkIGJlIGZpeGVkIHRvIHdvcmsgYXQgdGhlIGJ1cyBsZXZlbCwgbm90IHRoZSBkZXZp Y2UgbGV2ZWwuCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f CmlvbW11IG1haWxpbmcgbGlzdAppb21tdUBsaXN0cy5saW51eC1mb3VuZGF0aW9uLm9yZwpodHRw czovL2xpc3RzLmxpbnV4Zm91bmRhdGlvbi5vcmcvbWFpbG1hbi9saXN0aW5mby9pb21tdQ== From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.8 required=3.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5950CC47097 for ; Thu, 3 Jun 2021 19:32:39 +0000 (UTC) Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 132BE613F4 for ; Thu, 3 Jun 2021 19:32:39 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 132BE613F4 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=virtualization-bounces@lists.linux-foundation.org Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 783F340633; Thu, 3 Jun 2021 19:32:38 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NDS5PJLvOpkI; Thu, 3 Jun 2021 19:32:37 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [IPv6:2605:bc80:3010:104::8cd3:938]) by smtp4.osuosl.org (Postfix) with ESMTP id D448C40630; Thu, 3 Jun 2021 19:32:36 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 48C9FC0022; Thu, 3 Jun 2021 19:32:36 +0000 (UTC) Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by lists.linuxfoundation.org (Postfix) with ESMTP id 9005DC0001; Thu, 3 Jun 2021 19:32:35 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id 7BE1660B6F; Thu, 3 Jun 2021 19:32:35 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Authentication-Results: smtp3.osuosl.org (amavisd-new); dkim=pass (2048-bit key) header.d=kernel.org Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id u3XTlXSxIrCF; Thu, 3 Jun 2021 19:32:34 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp3.osuosl.org (Postfix) with ESMTPS id DEB02606C6; Thu, 3 Jun 2021 19:32:34 +0000 (UTC) Received: by mail.kernel.org (Postfix) with ESMTPSA id 6C0FD611CC; Thu, 3 Jun 2021 19:32:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1622748754; bh=rvC32MA8E3QrSBWjTg6LF33SlYkWLco0I2yCu23n7Ok=; h=In-Reply-To:References:Date:From:To:Cc:Subject:From; b=jhQeYpzgE6vlWf6TMVMtA+XVEhF3g/+sc+mtqLnWt9Jxq6VW05vCdwGdpHLzufuYS UwGtMjrFLjvxTtrXwJuljVurczSzpAyvwhISyhtF9mlHrjE5HfQoaQl5Edk52qoEvO fIAR9d5gHQbaop5gruCM9Lb2jdZgO0Vki7OQd9lPddn94/3XqQQhfbFgTNLMzDuhWZ qfQDXIjh/bpK09jMqCFV81DG209YazmpQjI81ykvp5KDwDs8VWUNxwQkPY0OgkctQR pcqnAZK3Wrh9q7duTaMgSjY9Ojm0reQwUN8R3uZYRnguJ2XWcuU7B5qmCg7FnR504O BMQUYhKYK2fxg== Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailauth.nyi.internal (Postfix) with ESMTP id 6FF6127C005B; Thu, 3 Jun 2021 15:32:32 -0400 (EDT) Received: from imap21 ([10.202.2.71]) by compute2.internal (MEProxy); Thu, 03 Jun 2021 15:32:32 -0400 X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledrvdelledgudefiecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpefofgggkfgjfhffhffvufgtgfesthhqredtreerjeenucfhrhhomhepfdet nhguhicunfhuthhomhhirhhskhhifdcuoehluhhtoheskhgvrhhnvghlrdhorhhgqeenuc ggtffrrghtthgvrhhnpedvleehjeejvefhuddtgeegffdtjedtffegveethedvgfejieev ieeufeevuedvteenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfh hrohhmpegrnhguhidomhgvshhmthhprghuthhhphgvrhhsohhnrghlihhthidqudduiedu keehieefvddqvdeifeduieeitdekqdhluhhtoheppehkvghrnhgvlhdrohhrgheslhhinh hugidrlhhuthhordhush X-ME-Proxy: Received: by mailuser.nyi.internal (Postfix, from userid 501) id 66F9C51C0060; Thu, 3 Jun 2021 15:32:30 -0400 (EDT) X-Mailer: MessagingEngine.com Webmail Interface User-Agent: Cyrus-JMAP/3.5.0-alpha0-519-g27a961944e-fm-20210531.001-g27a96194 Mime-Version: 1.0 Message-Id: <2b2dec75-a0c1-4013-ac49-a49f30d5ac3c@www.fastmail.com> In-Reply-To: References: <20210603004133.4079390-1-ak@linux.intel.com> <20210603004133.4079390-2-ak@linux.intel.com> Date: Thu, 03 Jun 2021 12:31:59 -0700 From: "Andy Lutomirski" To: "Andi Kleen" , mst@redhat.com Subject: Re: [PATCH v1 1/8] virtio: Force only split mode with protected guest Cc: sathyanarayanan.kuppuswamy@linux.intel.com, the arch/x86 maintainers , Linux Kernel Mailing List , virtualization@lists.linux-foundation.org, iommu@lists.linux-foundation.org, Josh Poimboeuf , robin.murphy@arm.com, hch@lst.de, m.szyprowski@samsung.com X-BeenThere: virtualization@lists.linux-foundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Linux virtualization List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: virtualization-bounces@lists.linux-foundation.org Sender: "Virtualization" CgpPbiBUaHUsIEp1biAzLCAyMDIxLCBhdCAxMTowMCBBTSwgQW5kaSBLbGVlbiB3cm90ZToKPiAK PiBPbiA2LzMvMjAyMSAxMDozMyBBTSwgQW5keSBMdXRvbWlyc2tpIHdyb3RlOgo+ID4gT24gNi8y LzIxIDU6NDEgUE0sIEFuZGkgS2xlZW4gd3JvdGU6Cj4gPj4gT25seSBhbGxvdyBzcGxpdCBtb2Rl IHdoZW4gaW4gYSBwcm90ZWN0ZWQgZ3Vlc3QuIEZvbGxvd29uCj4gPj4gcGF0Y2hlcyBoYXJkZW4g dGhlIHNwbGl0IG1vZGUgY29kZSBwYXRocywgYW5kIHdlIGRvbid0IHdhbnQKPiA+PiBhbiBtYWxp Y2lvdXMgaG9zdCB0byBmb3JjZSBhbnl0aGluZyBlbHNlLiBBbHNvIGRpc2FsbG93Cj4gPj4gaW5k aXJlY3QgbW9kZSBmb3Igc2ltaWxhciByZWFzb25zLgo+ID4gSSByZWFkIHRoaXMgYXMgInRoZSB2 aXJ0aW8gZHJpdmVyIGlzIGJ1Z2d5LiAgTGV0J3MgZGlzYWJsZSBtb3N0IG9mIHRoZQo+ID4gYnVn Z3kgY29kZSBpbiBvbmUgc3BlY2lhbCBjYXNlIGluIHdoaWNoIHdlIG5lZWQgYSBkcml2ZXIgd2l0 aG91dCBidWdzLgo+ID4gSW4gYWxsIHRoZSBvdGhlciBjYXNlcyAoZS5nLiBoYXJkd2FyZSB2aXJ0 aW8gZGV2aWNlIGNvbm5lY3RlZCBvdmVyCj4gPiBVU0ItQyksIGRyaXZlciBidWdzIGFyZSBzdGls bCBhbGxvd2VkLiIKPiAKPiBNeSB1bmRlcnN0YW5kaW5nIGlzIG1vc3Qgb2YgdGhlIG90aGVyIG1v ZGVzIChleGNlcHQgZm9yIHNwbGl0IHdpdGggCj4gc2VwYXJhdGUgZGVzY3JpcHRvcnMpIGFyZSBv YnNvbGV0ZSBhbmQganVzdCB0aGVyZSBmb3IgY29tcGF0aWJpbGl0eS4gQXMgCj4gbG9uZyBhcyB0 aGV5J3JlIGRlcHJlY2F0ZWQgdGhleSB3b24ndCBoYXJtIGFueW9uZS4KPiAKPgoKVGVsbCB0aGF0 IHRvIGV2ZXJ5IGNyeXB0byBkb3duZ3JhZGUgYXR0YWNrIGV2ZXIuCgpJIHNlZSB0d28gY3JlZGli bGUgc29sdXRpb25zOgoKMS4gQWN0dWFsbHkgaGFyZGVuIHRoZSB2aXJ0aW8gZHJpdmVyLgoKMi4g SGF2ZSBhIG5ldyB2aXJ0aW8tbW9kZXJuIGRyaXZlciBhbmQgdXNlIGl0IGZvciBtb2Rlcm4gdXNl IGNhc2VzLiBNYXliZSByZW5hbWUgdGhlIG9sZCBkcml2ZXIgdmlydGlvLWxlZ2FjeSBvciB2aXJ0 aW8taW5zZWN1cmUuICBUaGV5IGNhbiBzaGFyZSBjb2RlLgoKQW5vdGhlciBzbmFnIHlvdSBtYXkg aGl0OiB2aXJ0aW/igJlzIGhldXJpc3RpYyBmb3Igd2hldGhlciB0byB1c2UgcHJvcGVyIERNQSBv cHMgb3IgdG8gYnlwYXNzIHRoZW0gaXMgYSBnaWFudCBrbHVkZ2UuIEnigJltIHZlcnkgc2xpZ2h0 bHkgb3B0aW1pc3RpYyB0aGF0IGdldHRpbmcgdGhlIGhldXJpc3RpYyB3cm9uZyB3aWxsIG1ha2Ug dGhlIGRyaXZlciBmYWlsIHRvIG9wZXJhdGUgYnV0IHdvbuKAmXQgYWxsb3cgdGhlIGhvc3QgdG8g dGFrZSBvdmVyIHRoZSBndWVzdCwgYnV0IEnigJltIG5vdCByZWFsbHkgY29udmluY2VkLiBBbmQg SSB3cm90ZSB0aGF0IGNvZGUhICBBIHZpcnRpby1tb2Rlcm4gbW9kZSBwcm9iYWJseSBzaG91bGQg bm90IGhhdmUgYSBoZXVyaXN0aWMsIGFuZCB0aGUgdmFyaW91cyBpb21tdS1ieXBhc3NpbmcgbW9k ZXMgc2hvdWxkIGJlIGZpeGVkIHRvIHdvcmsgYXQgdGhlIGJ1cyBsZXZlbCwgbm90IHRoZSBkZXZp Y2UgbGV2ZWwuCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f ClZpcnR1YWxpemF0aW9uIG1haWxpbmcgbGlzdApWaXJ0dWFsaXphdGlvbkBsaXN0cy5saW51eC1m b3VuZGF0aW9uLm9yZwpodHRwczovL2xpc3RzLmxpbnV4Zm91bmRhdGlvbi5vcmcvbWFpbG1hbi9s aXN0aW5mby92aXJ0dWFsaXphdGlvbg==